Ubuntu Forums - FYI
Sajan Parikh
sajan at noppix.com
Wed Jul 24 13:36:17 UTC 2013
On 07/24/2013 07:47 AM, Kent Borg wrote:
> AES is probably really good. But if I slap an "AES!" sticker on my
> product, it doesn't mean my product is any good. I might be a cheat and
> a liar, or I might be incompetent with cryptography. Why should you
> trust my close-source product?
You're actually implying right now that LastPass is lying about how they
are storing things, and are just 'slapping a sticker' on it?
How can we ever have a genuine discussion on the practical use of the
internet, if you're going to hold that position?
We quite literally went from me advocating the use of LastPass by the
general public, to mitigate the damage of these types of (predictable)
breaches, to you and Patrick going on about how either LastPass is
lying, or working with the Government with a secret backdoor to all your
passwords.
I think we both realize that discussion has nowhere to go.
I'll be clearer this time, so as not to seem selfish. I'm not telling
anyone to shut up, but I'll remove myself from this thread unless
directly responded to.
> Before uploading a master key database to some kinda open internet
> backup, I super-encypt with a gpg (which does get a lot of review).
> Using a different key for the gpg step. I now I have a file which is as
> good as it's *strongest* link, not weakest.
You 'super-encrypt', eh?
--
Sajan Parikh
Owner, Noppix LLC
o: (563) 726-0371
c: (563) 508-3184
More information about the ubuntu-users
mailing list